p16hmcrr8s1g2l1sv716upbs0uqc3.jpg
Banks and merchants have been building their defenses against hackers for years, but it hasn't been enough. They were still the targets of several major breaches in 2011, affecting millions of consumers.
p16hmcrr8sfe318nq15e615g8185p4.jpg

Sony

Sony disclosed in April that the personal information of up to 77 million users of its online gaming network was affected in a data breach. Though there were anecdotal reports of credit-card misuse following the PlayStation Network breach, Sony maintained that most users were not at risk for financial fraud.
p16hmcrr8sb701m0v1sqqaki12i58.jpg

Michaels Stores

The crafts retailer reported in May that it had suffered a widespread breach of its customers' card data. The company discovered tampering with the PIN pads at its checkout lanes in stores across 20 states. Michaels required its customers to make signature-based transactions until the affected devices were replaced.
p16hmcrr8sqtk11kh1c4k5heir56.jpg

RSA Security

The breach at EMC Corp.'s RSA Security was particularly chilling, since so many banks and other companies rely on its one-time-password tokens to secure their systems. In the breach's aftermath RSA offered to replace 40 million of its SecurID tokens at 30,000 companies.
p16hmcrr8s1nbh2fpgr3102617115.jpg

Citigroup

Citi reissued over 200,000 cards after a May website breach it disclosed in June. About 360,000 of its 23.5 million North American card accounts were affected altogether. In August, an unrelated data breach at a merchant led Citi to again reissue some of its customers' cards.
p16hmcrr8sfo2pcl13gtngt9kc7.jpg

Epsilon

There's no such thing as "low-value" data. Email addresses may not be enough by themselves to use for identity theft, but when the client list for Epsilon, the email marketing unit of Alliance Data Systems Corp., was exposed in April, many feared that the email addresses could be paired with knowledge of Epsilon's client affiliations to create extremely targeted — and extremely effective — phishing attacks.
p16hmcrr8so95o6ai7aa9dmlk9.jpg

Valve Corp.

The company behind the popular PC game distribution service Steam disclosed a breach in November of the encrypted payment details of its 35 million customers. Though this breach affects a smaller number of people than Sony's PlayStation Network breach did, Steam users are more likely than PSN users to have linked a credit card to their account.
MORE FROM AMERICAN BANKER